Alias(es)MSIE.ADODB.Recordset.Filter.DoS |
Release DateJul 03, 2006 |
Severitymedium |
ImpactDenial of service. |
DescriptionThis indicates an attempt to exploit a denial of service vulnerability in Microsoft Internet ExplorerThe vulnerability is a result of a NULL pointer dereference error in the Microsoft Data Access ActiveX "msado15.dll" object. It can be triggered by a specially crafted "ADODB.Recordset Filter Property". It can be exploited by attackers to crash a vulnerable browser by tricking a user into visiting a malicious web page. |
Affected ProductsMicrosoft Internet Explorer 6.0 SP1Microsoft Internet Explorer 6.0 |
Recommended ActionsAs of August 25 2006, Fortinet is unaware of any vendor supplied patches for this issue. If you have more recent information, please contact us at vulnwatch AT fortinet.com.Users should never visit sites of questionable integrity or follow links provided by unfamiliar or untrusted sources. Disable the execution of script code or active content in your web browser. Disabling scripting and active content in the Internet Zone may limit exposure to this and other vulnerabilities. |
Coverage IPS
VCM |
Common Vulnerabilities and Exposures (CVE)CVE-2006-3354 |
Reference/shttp://www.securityfocus.com/bid/18773 (BugTraq) |
